package io.gitee.rocksdev.kernel.security.starter;

import io.gitee.rocksdev.kernel.security.api.expander.SecurityConfigExpander;
import io.gitee.rocksdev.kernel.security.xss.XssFilter;
import io.gitee.rocksdev.kernel.security.xss.XssJacksonDeserializer;
import io.gitee.rocksdev.kernel.security.xss.prop.XssProperties;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;

@AutoConfiguration
/* loaded from: input_file:io/gitee/rocksdev/kernel/security/starter/XssAutoConfiguration.class */
public class XssAutoConfiguration {
    @Bean
    public FilterRegistrationBean<XssFilter> xssFilterFilterRegistrationBean() {
        XssProperties createProperties = createProperties();
        FilterRegistrationBean<XssFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new XssFilter(createProperties));
        filterRegistrationBean.addUrlPatterns(createProperties.getUrlPatterns());
        filterRegistrationBean.setName("ROCKS_XSS_FILTER");
        filterRegistrationBean.setOrder(Integer.MIN_VALUE);
        return filterRegistrationBean;
    }

    @Bean
    public Jackson2ObjectMapperBuilderCustomizer xssJackson2ObjectMapperBuilderCustomizer() {
        return jackson2ObjectMapperBuilder -> {
            jackson2ObjectMapperBuilder.deserializerByType(String.class, new XssJacksonDeserializer(createProperties()));
        };
    }

    private XssProperties createProperties() {
        XssProperties xssProperties = new XssProperties();
        xssProperties.setUrlPatterns(SecurityConfigExpander.getUrlPatterns());
        xssProperties.setUrlExclusion(SecurityConfigExpander.getUrlExclusion());
        return xssProperties;
    }
}
